Fortinet Secures the Path to 5G19 février 2019
Fortinet has just announced its portfolio support for the Mobile Service Provider transformation to a 5G core network. Fortinet has a growing family of advanced security solutions not only designed for, but fully integrated together to protect today’s evolving networks and virtual infrastructures. …

Analysis of a Fresh Variant of the Emotet Malware18 février 2019
Recently, FortiGuard Labs captured a fresh variant of the Emotet malware. This time, it’s embedded in a Microsoft Word document. We did a quick analysis on it, and in this blog we show how it works on a victim’s machine.

What to Expect at our Accelerate 2019 Conference13 février 2019
Accelerate 2019 offers a wide variety of sessions and workshops to give users and partners the tools and experience they need to secure their networks and the networks of their customers. Learn what to expect from this year’s conference.

Using Services to Fill Critical Security Gaps12 février 2019
Security services ensure that organizations of all sizes can consistently receive the security support they need across their entire security lifecycle, including planning, designing, implementing, integrating, managing, operating, and optimizing the security infrastructure—all provided by experienced security professionals with broad visibility into global threat trends and strategies. …

Aruba has released an update to ClearPass Policy Manager that addresses multiple security vulnerabilities.

Aruba BLE Radio Firmware Vulnerability18 octobre 2018
A vulnerability exists in the firmware of embedded BLE radios that are part of all Aruba AP-3xx series access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP’s BLE radio and could then gain access to the AP’s console port. Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986 …

The Apache Struts group announced Struts version 2.3.35 on August 22, 2018.
Included in this update is a fix for one security vulnerability. Aruba ClearPass includes Apache Struts 2.3.34, but in a non-vulnerable configuration.

Two Linux kernel vulnerabilities, known as “SegmentSmack” and “FragmentSmack”, have been publicly disclosed. The Linux kernel used by Aruba ClearPass Policy Manager and Aruba AirWave is affected. Other Aruba products are not affected.

The cryptography library used by Aruba Instant provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker may be able to recover private keys for X.509 certificates. This vulnerability is
referred to as “ROBOT.”

Container Privilege Escalation Vulnerability Affecting Cisco Products: February 201922 février 2019
A vulnerability in the Open Container Initiative runc CLI tool used by multiple products could allow an unauthenticated, remote attacker to escalate privileges on a targeted system. The vulnerability exists because the affected software improperly handles file descriptors related to /proc/self/exe. An attacker could exploit the vulnerability either by persuading a user to create a new container us …

Cisco Webex Meetings Online Content Injection Vulnerability21 février 2019
A vulnerability in Cisco Webex Meetings Online could allow an unauthenticated, remote attacker to inject arbitrary text into a user’s browser. The vulnerability is due to improper validation of input. An attacker could exploit this vulnerability by convincing a targeted user to view a malicious URL. A successful exploit could allow the attacker to inject arbitrary text into the user’s …

Cisco Webex Teams for iOS Arbitrary File Upload Vulnerability21 février 2019
A vulnerability in the client application for iOS of Cisco Webex Teams could allow an authenticated, remote attacker to upload arbitrary files within the scope of the iOS application. The vulnerability is due to improper input validation in the client application. An attacker could exploit this vulnerability by sending a malicious file to a targeted user and persuading the user to manually open it …

Cisco Prime Infrastructure Certificate Validation Vulnerability21 février 2019
A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the Secure Sockets Layer (SSL) tunnel established between ISE and PI. The vulnerability is due to improper validation of the server SSL certificate when establishing the SSL tunnel with ISE. An att …

Cisco Prime Collaboration Assurance Software Unauthenticated Access Vulnerability21 février 2019
A vulnerability in the Quality of Voice Reporting (QOVR) service of Cisco Prime Collaboration Assurance (PCA) Software could allow an unauthenticated, remote attacker to access the system as a valid user. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the QOVR service with a valid username. A successful exploit could …

Cisco Network Convergence System 1000 Series TFTP Directory Traversal Vulnerability21 février 2019
A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. The vulnerability is due to improper validation of user-supplied input within TFTP requests processed by the affected software. An attacker could exploit this …

Cisco SPA112, SPA525, and SPA5x5 Series IP Phones Certificate Validation Vulnerability21 février 2019
A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The vulnerability is due to the improper validation of server certificates. An attacker could exploit this vul …

Cisco IoT Field Network Director XML External Entity Vulnerability21 février 2019
A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by …

Cisco HyperFlex Software Command Injection Vulnerability21 février 2019
A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the atta …